SlideShare une entreprise Scribd logo
1  sur  13
Télécharger pour lire hors ligne
Governance,




                                                                    Re gu
The 2009




                                                                      gi st
                                                                Au
                                                                Sa

                                                                        st 14
                                                                          er t
risk manaGemenT




                                                                   ve

                                                                            by h
                                                                   $4
      compliance summiT




                                                                      00
and


      Develop an Integrated Approach to Risk Management,
            Compliance and Corporate Governance


      sepTember 29, 30 & ocTober 1, 2009
      John hancock hoTel & conference cenTer
      bosTon, ma



This comprehensive Governance, risk and
compliance (Grc) evenT will demonsTraTe
how To:

  •	 Identify a methodology to link process and
     technology, effectively bridging together
     internal audit, risk management, information
     security, operations and compliance
     functions.
  •	 Utilize GRC to effectively execute corporate
     strategy in tough economic times
  •	 Grow GRC capabilities and transform
     a reactive and technologically focused
     approach, into a proactive and risk based
     approach




  Presented by:                                     Sponsors:
Enable Your Organization to Anticipate and Manage Business
            Risk while More Effectively Delivering Value


                          Dear GRC Executive,
                          Today’s organization is a complex multiplicity of global processes and business relationships. Organizations
                          are struggling to identify, manage, and control Governance, Risk Management, and Corporate Compliance
                          (GRC) across business relationships. At the 2009 Governance, Risk Management, and Compliance
                          Conference you will learn to effectively enable your organization to anticipate and manage business risk
                          while more effectively delivering value for the organization.


                          PREPARING FOR AN UNCERTAIN FUTURE                                   ADOPT AN INTEGRATED APPROACH
                          Ignoring or misunderstanding financial risks played a               GRC is often positioned as a single business activity, when it
                          substantial role in creating the world financial crisis in 2008.    actually includes multiple overlapping and related activities
                          The financial crisis has essentially undone the last decade of      within an organization including internal audit, compliance
                          deregulation, and corporate leaders and legal teams will bear       programs like SOX, enterprise risk management (ERM),
                          the responsibility of rebuilding whole industries from the          operational risk, and incident management among others.
                          ground up. Business leaders everywhere should be asking             Within the GRC realm, if the first element –Governance--is
                          themselves what could have been done differently and what           not in place, the second two elements -Risk Management and
                          can be done in the future to avoid crisis of this proportion.       Compliance- become irrelevant and cannot be meaningfully
                          A large portion of the answer lies in the area of governance        achieved. Likewise, if second element --Risk Management--
                          itself. Businesses need sound, ethical and well-planned             is not in place then achieving Compliance becomes irrelevant
                          building blocks on which to found their governance                  and generally cannot be meaningfully achieved.
                          principles, regardless of future regulations. Implementing          It is necessary to improve each of the elements of your
                          internal controls, breaking down communication barriers             organization’s GRC initiative as well as increase overall
                          between departments and centralizing information are vital          performance by breaking down communication barriers
                          to proper corporate governance.                                     between finance, IT (Information Technology) and Legal
                          According to a study by The Economist Intelligence Unit,            departments. Organizations must evaluate their financial
                          “Companies are beginning to realize that the full value             activities to ensure the correct operation of all financial
                          of [governance] depends in large part on the policies and           processes, as well as compliance with any finance-related
                          procedures that govern and control its use, access, analysis,       mandates. Learn how to strike an appropriate balance
                          retention and protection.” In a poll conducted by the EIU:          between business reward and risk. Ensure that the IT
                                                                                              organization supports the current and future needs of the
                            “… 77% of respondents expect … governance to be …                 business, and complies with all IT-related mandates. Finally,
                            very important to their company’s success over the next three     tie all three components together through your organization's
                            years. As a result, many firms have begun building the            legal department and Chief Compliance Officer.
                            foundation for … governance policies. A majority (65%)
                            have defined policies around how information is to be stored      Join GSMI on September 29th, 30th and October 1st in John
                            and shared among employees and stakeholders. Furthermore,         Hancock Hotel & Conference Center - Boston for the 2009
                            some organizations are forming formal governance bodies           GRC Conference to learn strategies to join the movement
                            to create strategies, policies and procedures surrounding the     from managing risk as a transaction or compliance activity
                            distribution of information inside and outside the firm. This     to adding business value by improving operational decision
                            is a good start, but considering that 68% of respondents also     making and strategic planning. Register today by calling
                            expect that the complexity of their company’s information         888.409.4418 or visit us at www.gsmiweb.com. I hope to
                            governance issues will grow over the next three years, there is   see you this September!
                            little time to waste.”
                                                                                  Regards,



                                                                                  Luke Vinci
                                                                                  President, GSMI




2   | RegisteR today! 888.409.4418 www.thegrcsummit.com                  the 2009 governance, Risk Management and Compliance summit
Adopt an
          Integrated Approach
                to Governance, Risk
                    and Compliance

WHO SHOULd ATTEnd?
     Managers and executives involved in Governance, Risk Management and Compliance:



• Governance, risk, compliance                • Manager, Enterprise Risk Management
  (gRC) staff                                 • Risk analysts
• CFO
• Chief Risk Officers
                                              • ARM
                                              • ARM-P
                                                                                                    venue:
• Chief Legal Counsel                         • IT governance directors/managers                    the 2009 GRC Conference will be held at John
• Chief Compliance Officer                    •I T risk directors/managers                          hancock hotel & Conference Center, Boston,
• VPs of Risk Management                                                                            Ma
                                              • IT compliance directors/managers
• VP of Finance                               • IT Audit directors/managers                         accommodations:
• Treasurers                                  • Information security directors/                     a limited number of rooms have been reserved
• Controllers                                    managers                                           at the John hancock hotel (located at the John
                                                                                                    hancock Conference Center) at a discount
• Director, Internal audit                    • IT directors/ consultants
                                                                                                    rate of $189 per night (contact the hotel by
• Director, Operational Risk                                                                        september 10, 2009 to receive the discounted
                                                                                                    rate). also, please make sure to ask for the GsMi
            involved in the followinG aReas:                                                        conference rate when you call for reservations.
                                                                                                    to make reservations, call, 617 933 7700.
• Audit                                       • Legal
• Compliance                                  • Governmental affairs
• Governance                                  • IT
• Risk management                             • Accounting
• Sarbanes Oxley (SOX)                        • Finance
• Ethics                                      • Reliability
• Regulatory                                  • Quality assurance




           Mitigate Risks and
             Prevent Future
           Compliance Issues
3   | RegisteR today! 888.409.4418 www.thegrcsummit.com             the 2009 governance, Risk Management and Compliance summit
Agenda at a Glance
day One - September 29, 2009
8:30      Continental Breakfast and Workshop Registration                        12:00   Luncheon
          Breakout sessions                                                              Breakout sessions
9:00      workshop a:                        workshop B:                         1:15    workshop C:                         workshop d:
          Leveraging Your Compliance         Aligning ERM to Strategy                    Practical Application of Lead-      ERM Process Improvement
          Program Toward Corporate           through the Balanced                        ing Practices in Regulatory
          governance                         Scorecard (BSC)                             Compliance
                                                                                 4:15    Adjourn




day Two - September 30, 2009
8:00      Continental Breakfast and Registration                                         Breakout sessions
8:45      Keynote: Stakeholder Reputation Risk: The Real Driver Behind                   it GRC:                            eRM:
          Coordinated GRC Policies                                               2:15
                                                                                         developing Metrics and             Case Study: Putting the “R”
9:40      Integrated GRC: Assurance Integration with Real ROI                            Measures for information           in gRC, an enterprise Risk
                                                                                         governance                         Management (ERM) Perspective
10:35     Break and Refreshments
10:50     Best Practices to Achieve Results with Governance Risk and             3:15    Break and Refreshments
          Compliance
                                                                                         Breakout sessions
11:35     Choosing the Right GRC Software                                                it GRC:                           eRM:
                                                                                 3:30
12:15     Networking Luncheon                                                            GAIT for Business and IT Risk     Learn How Your ERM Strategy
                                                                                                                           Can Enhance Your Company’s
                                                                                                                           Value and Credit Rating
          Breakout sessions
                                                                                 4:30    it GRC:                            eRM:
1:15      it GRC:                           eRM:
                                                                                         Security By Compliance - A         iso 31000 and eRM
          governance, Risk, Compliance      Utilizing ERM to Rebuild our
                                                                                         discussion of information Risk
          - and Mobility                    Economy
                                                                                         Management’s Greatest Challenge
                                                                                 5:30    Adjourn



day Three - October 1, 2009
8:00      Continental Breakfast                                                  12:00   Networking Luncheon
8:30      A Measure of Success:Tools to Evaluate GRC Program Design              1:15    Protect and Grow Shareholder Value with Best Practices and
          and operation                                                                  effective tool
          Breakout sessions                                                      1:45    Panel Discussion - Establishing GRC Goals and Performance
9:15                                                                                     Metrics
          financial GRC                     legal GRC:
          Case Study: Beyond                Bridging the Gap between             2:15    Break and Refreshments
          Compliance: A SOX Perspective     Legal and GRC                        2:30    Building an Effective Whistle-blower Program - “Best mechanism to
10:15     Break and Refreshments                                                         surface fraud and wrongdoing”
          Breakout sessions                                                      3: 30   Bringing it all Together: Evaluating the Results of Your GRC Program
10:30     financial GRC:                     legal GRC:                          4:30    Conference Adjourn
          Mastering Financial Governance     How the financial crisis will
          – Bridging the Gap Between         affect governance for corporate
          SOX, Internal Audit, and Risk      legal departments
          Management Processes



4   | RegisteR today! 888.409.4418 www.thegrcsummit.com                    the 2009 governance, Risk Management and Compliance summit
5                           5 Reasons to Attend
                                                   2009 GRC Conference
                                                   1. integrate
                                                   Learn from leaders in risk management, governance and compliance how to
                                                   achieve compliance and insure ethical conduct while meeting general business
                                                   objectives. Take lessons learned back home to your organization’s GRC silo
                                                   leaders and facilitate integration among your entire company.


                                                   2. Connect
                                                   Network with your peers from organizations throughout the country and
                                                   around the world. Learn how others are implementing and improving GRC
                                                   initiatives and programs for today’s economy. There will be ample opportunity
                                                   for networking during our receptions, meals, breaks and informative sessions.


                                                   3. focus
                                                   Four interactive break out tracks. Identify case studies and lessons learned to
                                                   manage, measure, improve and integrate your GRC functions across all silos – IT,
                                                   Financial and Legal.


                                                   4. evolve
                                                   Information security is quickly evolving into information risk management.
                                                   The enterprise of today can no longer rely on technology alone to protect
                                                   information and information infrastructure, and requires a business approach
                                                   to information risk management, governance, and compliance to be successful.
                                                   Gain insight and guidance on key issues faced by enterprises today, as they
                                                   mature their capabilities and transform a reactive and technologically focused
                                                   approach to information security, into a proactive and risk based one.


                                                   5. save
                                                   Simplify GRC and reduce costs by managing multiple regulatory requirements
                                                   with one enterprise GRC platform..




5   | RegisteR today! 888.409.4418 www.thegrcsummit.com     the 2009 governance, Risk Management and Compliance summit
feaTured speakers
                     Michael Rasmussen,                           patricia Florissi,                             Chris Boswell,
                     President, Risk &                            Distinguished Engineer,                        Director Risk and
                     Compliance Advisor,                          Strategic Initiative Leader,                   Compliance Services,
                     CORpORATE                                    Governance, Risk and                           CA, InC
                     InTEGRITy, LLC                               Compliance,
                                                                  EMC, InC




                     Mark Smith,                                  Geoffrey Buswick,                              Johannes Swanepoel,
                     CEO & EVP Research,                          Managing Director,                             Director Enterprise
                     VEnTAnA                                      Boston Head Office,                            Risk Management,
                     RESEARCH                                     STAndARd & pOORS                               CURA SOFTWARE
                                                                  CORpORATE And
                                                                  GOVERnMEnT
                                                                  RATInGS




                     nick Bako, CMA,                              Ranga Bodla,
                     Chief Risk Officer,                          Director, Solution Marketing,
                     OnTARIO LOTTERy                              EpM And GRC.
                     And GAMInG                                   SAp, InC.




                                              oTher speakers include:
• Jason Mefford,                                • Irving Kagan,                                   • Steven Saporito,
  VP of Business Process Assurance,               Kagan Consultants                                 Managing Director, Enterprise
  Ventura Foods                                                                                     and Risk Finance Practice,
• Brad Vorhies,                                 • Tony Tarantino, Phd, Author                       willis re
  Manager of Financial Controls Compliance,       and Adjunct Professor of Finance at
  energy Future Holdings                          santa Clara uniVersity                          • Dr. Prodyot Samanta,
                                                                                                    Managing Director,
• Carole L. Basri,                                                                                  tHrideye risKinsigHts
                                                • Dave Ingram, Senior VP,
  University of Penn Law School,
                                                  willis re
  Corporate lawyering
  group llC




6   | RegisteR today! 888.409.4418 www.thegrcsummit.com         the 2009 governance, Risk Management and Compliance summit
Best Practices and Strategies
                        from Leaders in GRC!
            aGenda and speakinG faculTy
daY one: Pre-Conference workshops: september 29, 2009

8:30      Continental Breakfast                                               12:00       Luncheon
          and Registration

9:00      workshop a:                  9:00      workshop B:                  1:15        workshop C:                      1:15       workshop d:
leveraging Your Compliance             aligning eRM to strategy through       Practical application of leading             eRM Process improvement
Program toward Corporate               the Balanced scorecard (BsC)           Practices in                                 Learn to benchmark your
Governance                             The COSO Framework describes           Regulatory Compliance                        organizations enterprise risk
gain an understanding of various       eRM as a process that guides the       Today companies face the challenge           management (eRM) structure,
paradigms around corporate             achievement of strategic objectives.   of establishing a consistent set of          process, and practices with COSOs
governance, risk management, and       Because of the integral role ERM       processes, practices and systems that        ERM Integrated Framework. This
compliance (gRC). discuss the          plays in strategy execution, it        support external compliance and              workshop will identify opportunities
many challenges involved in aligning   must be understood throughout          internal self-assessment. Join us for this   for improving your organizations
GRC within an organization.            the entire organization. the           workshop to identify leading practices       ERM process by sharing and
Join us for this practical workshop    Balanced Scorecard (BSC) is a          that are being used by companies to          comparing practices with other
and identify:                          performance measurement system         create proactive programs that are           eRM practitioners. attendees in
                                       that communicates organizational       sustainable and adaptable in the face of     this workshop will:
   • How one company is working
                                       progress in executing strategy         countless regulatory expectations and           • Participate in a series of
      through challenges of aligning
                                       across four perspectives (financial,   requirements across the physical and               discussions on eRM challenges
      gRC;
                                       customer, internal processes,          financial markets.                                 and strategies for sustaining the
   • Resources available to help       learning and growth). At the core      Workshop attendees will gain an                    eRM process.
      your company work through        of the BSC is a strategy map that
      compliance challenges; and                                              understanding of the key components             • Validate the ERM approach and
                                       shows the strategic linkage between    of a compliance program as well as                identify any blind spots.
   • Various approaches for            organizational objectives.Through      gain valuable insight regarding the
     leveraging your existing          integrating objectives related to      regulatory compliance capability
     compliance and risk               addressing specific risks into the     maturity of their own organizations.
     management programs to            strategy map, organizations can        Some specific leading practices
     improve corporate governance      create initiatives that make eRM an    discussed include:
                                       integral part of strategy execution.
                                                                                 • Risk Assessment Processes
                                       In this comprehensive workshop,
                                                                                 • Organizational Structure
                                       you will experience a hands-on
                                       approach to incorporating eRM             • Underlying Policies and
                                       into organizational strategy through         Procedures
                                       using the BSC and the strategy map        • Control and Monitoring
                                       that supports it.                            Mechanisms
                                                                                 • IT Systems and Information
                                                                                    Management




       Effectively Manage and Track GRC
              Activities Across an Enterprise
7   | RegisteR today! 888.409.4418 www.thegrcsummit.com                  the 2009 governance, Risk Management and Compliance summit
aGenda and speakinG faculTy                                                                                                   (conTinued)




daY two: september 30, 2009
8:00      Continental Breakfast                        9:40    integrated GRC: assurance                             ries to assess your current vendors
                                                               integration with Real Roi                             and technologies and examine new
8:45      Keynote: stakeholder Reputation
                                                               Integrated GRC in the Virtual, Hyper-                 ones. Unfortunately the majority of
          Risk: the Real driver Behind Coor-
                                                               Extended Business: Integration of                     organizations lack the technology
          dinated GRC Policies
                                                               GRC silos for Real ROI. Find out                      know-how for making improvements
          A key component in the emerging                                                                            from monitoring to automation and
                                                               why integration is the key to success
          regime of coordinated governance, risk,                                                                    control to the specific analytics and
                                                               and why it is often the major cause
          and compliance (gRC) management is                                                                         metrics required to successful with
                                                               of corporate governance failures
          ensuring that the company’s business                                                                       GRC. This session will provide clarity
                                                               as organizations transition to new
          is conducted in a manner that serves                                                                       on the scope of GRC and the software
                                                               business models in the virtual world.
          its various stakeholders in an effective,                                                                  that can best meet an organization
                                                               Discover new approaches for
          compliant, and untainted fashion. a                                                                        needs while leveraging existing invest-
                                                               leveraging performance management
          true indicator of the success or failure                                                                   ments and provide the tools for every
                                                               and infrastructure monitoring systems
          of this internal company effort is                                                                         participant to make the best decision
                                                               to harvest empirical evidence for gRC.
          the company’s imputed goodwill or                                                                          for their organization.
                                                               Learn how to reduce the cost and
          reputation, arguably the most valuable,
                                                               complexity of your company’s silo’d
          yet fragile, attribute a company
                                                               gRC initiatives and gain insight into
          possesses.                                                                                         12:15   Networking Luncheon
                                                               new strategies, tactics and approaches
          This keynote presentation will explore               to optimize your infrastructure to
          how the imposition of recent — and                   create real return on investment.                      BReaKout sessions
          the strengthening of longstanding
          — compliance obligations have                10:35   Break and Refreshments                                 Choose: it GRC or eRM
          compounded the responsibilities of           10:50   Best Practices to achieve Results                     it GRC:
          professionals charged with enforcing                 with Governance Risk and
          governance, risk, compliance, audit and              Compliance                                    1:15    developing Metrics and Measures
          ethics roles. It will examine compliance                                                                   for information Governance
                                                               This session will cover the evolution of
          measures and their practical impact on                                                                     Information Governance has become
                                                               governance, risk and compliance (gRC)
          companies, due to:                                                                                         a critical issue within organizations, and
                                                               management and discuss how it is being
          • The expansive reach of the                         shaped by key stakeholders including                  a key success factor for businesses.
            requirements                                       consultants, regulators and end-users.                In order to effectively maintain the
          • The lack of precedents                             Identify various approaches to GRC and                stewardship, integrity and security
                                                               highlight the strengths and weaknesses of             of an organization’s information
          • The emphasis on self-disclosure
                                                               each approach to cut through the hype                 infrastructure effective metrics
          • The uncertainty over due process                                                                         and measures must be developed,
            rights in enforcement                              and identify areas where true value can
                                                               be derived today. Attendees will also learn           implemented, and monitored. this
          It will further examine how these                                                                          session will cover the concept of
                                                               tips and tricks to help streamline risk,
          elements expose the company’s                                                                              enterprise metrics and measures in the
                                                               compliance and audit processes.
          reputation to immediate risk, and how                                                                      context of Information Governance
          to structure a GRC culture within            11:35   Choosing the Right GRC software                       maturity as well as the issues that
          the organization to address these                    Assess Your Needs and Establish Evalu-                must be considered when developing,
          exposures in a manner ensuring that                  ation Criteria for Finance, Operations                implementing and monitoring them.
          compliance issues are disseminated                   and it                                                Attendees will participate in an
          effectively through the organization                                                                       interactive session to:
                                                               the challenges for organizations in
          and implemented enterprise-wide.
                                                               addressing the spectrum of governance,                • Identify current and target States on
          Further, identify a coherent integrated
                                                               risk and compliance (gRC) is having                     an Information Governance Maturity
          GRC effort developed by senior
                                                               clarity in the requirements for ad-                     Model
          management in collaboration with the
                                                               dressing the specific process needs                   • Discuss challenges and strategies in
          governance, risk, compliance, audit, legal
                                                               across business and IT. GRC has specific                implementing roadmaps, metrics and
          and ethics team to drive the entire
                                                               needs for finance, operations and IT                    reporting
          organization to foster and protect a
                                                               areas where the specific competencies
          company’s stakeholder reputation.                                                                          • Learn about technologies that
                                                               across people, processes, information
                                                                                                                       accelerate movement up information
                                                               and technology need to be reviewed
                                                                                                                       Management maturity curves
                                                               for determining the right steps for
                                                               improvement.To do this successfully is to
                                                               understand the evaluation catego-




8   | RegisteR today! 888.409.4418 www.thegrcsummit.com                  the 2009 governance, Risk Management and Compliance summit
aGenda and speakinG faculTy                                                                                                (conTinued)




daY two: september 30, 2009 (Continued)
                                                       BReaKout sessions - Choose: it GRC or eRM
          eRM:                                                  eRM:                                               it GRC:
1:15      utilizing eRM to Rebuild our                  2:15    Case study: Putting the “R” in GRC,         4:30   security By Compliance - a discus-
          economy                                               an enterprise Risk Management                      sion of information Risk Manage-
          What role, if any, did ERM play in                    (eRM) Perspective                                  ment's Greatest Challenge
          the collapse of the financial markets?                As compliance issues have become                   When most organizations today
          enterprise Risk Management can                        increasingly important and the magnitude           think about information protection,
          be the tool to rebuild our economy.                   of their consequences has escalated,               compliance is at the top of that list.
          This session will evaluate how ERM                    the interface between governance                   This new level of consciousness has
          is shaping business and how to use                    risk and compliance has moved up in                become both a tremendous benefit
          it your advantage. You’ll hear the                    prominence not just among regulators,              to information security professionals
          perspectives from rating agencies,                    but among stakeholders, shareholders,              as well as their greatest fear. The
          updates on the latest S&P initiatives,                and management. This session will                  leadership of many companies are
          tools you can use to implement                        describe how these GRC elements are                now falling into the trap of feeling
          ERM going forward, how financial                      integrated with a focus on the role of             secure merely because they are
          institutions’ failures reflect on their               enterprise risk management in strategic            compliant; however simply meeting
          eRM practices, and other current issues               and operational planning.                          legal and regulatory compliance
          of relevance.                                                                                            requirements, does not necessarily
                                                        3:15    Break and Refreshments
                                                                                                                   mean that companies have fulfilled
          it GRC:                                               it GRC:                                            their requirements for information
2:15      developing Metrics and Measures                                                                          risk management and protection.
                                                        3:30    Gait for Business and it Risk
          for information Governance                                                                               Learn how to take advantage of the
                                                                Discover why leading-edge chief audit              benefits created by new compliance
          Information Governance has become                     executives and audit practitioners say             requirements, while also overcoming
          a critical issue within organizations, and            there is no such thing as information              the challenge of this new operating
          a key success factor for businesses.                  technology (IT) risk. Discuss the                  procedure.
          In order to effectively maintain the                  relationship between business risk and
          stewardship, integrity and security                   IT risk. Review the methodology in                 eRM:
          of an organization’s information                      the guide to the assessment of it Risk      4:30   iso 31000 and eRM
          infrastructure effective metrics                      (GAIT) publication GAIT for Business
          and measures must be developed,                                                                          the international risk management
                                                                and IT Risk and how it is used to
          implemented, and monitored. this                                                                         framework is scheduled to be
                                                                ensure efficient auditing of IT. Develop
          session will cover the concept of                                                                        published in 2009. Most risk
                                                                a solid understanding of the gait for
          enterprise metrics and measures in the                                                                   professionals recognize the importance
                                                                Business and IT Risk methodology as
          context of Information Governance                                                                        of a formalized framework to ensure
                                                                well as the ability to apply it.
          maturity as well as the issues that                                                                      the successful implementation of
          must be considered when developing,                   eRM:                                               enterprise risk management (eRM).
          implementing and monitoring them.                                                                        Starting with the ISO 31000 risk
                                                        3:30    learn how Your eRM strategy Can
                                                                                                                   management process schedule,
          Attendees will participate in an                      enhance Your Company's value and
                                                                                                                   learn how to tailor ERM to the
          interactive session to:                               Credit Rating
                                                                                                                   individual needs of any organization,
          • Identify current and target States on               Reviewing the quality of enterprise                align risk management objectives to
            an Information Governance Maturity                  risk management (eRM) programs is                  organizational strategic goals and
            Model                                               no easy task. Learn directly about the             missions and graft eRM culture onto
          • Discuss challenges and strategies in                review process, major findings and                 existing corporate culture.
            implementing roadmaps, metrics and                  lessons-learned, and how to integrate
            reporting                                           the review into ratings determination.
                                                                Discover how others have improved           5:30   Adjourn
          • Learn about technologies that
                                                                the quality of their decision making by
            accelerate movement up information
                                                                incorporating risk information directly
            Management maturity curves
                                                                into business and strategic planning, and
                                                                link your ERM programs to driving value
                                                                and improving business resiliency.




9   | RegisteR today! 888.409.4418 www.thegrcsummit.com                   the 2009 governance, Risk Management and Compliance summit
aGenda and speakinG faculTy                                                                                                   (conTinued)




daY thRee: october 1, 2009
8:00      Continental Breakfast
8:30      a Measure of success: tools to evaluate GRC Program design and operation
          • Learn how to evaluate the design and operating effectiveness of governance, risk management, and compliance (GRC) systems
          • Hear about the new procedures and criteria for GRC program design evaluation and certification
          • Expand your understanding of metrics that can be used to help GRC systems contribute to business objectives

                                        MoRninG BReaKout sessions - Choose: financial GRC or legal GRC

          financial GRC:                                       companies weather the coming                         The convergence of financial
                                                               regulatory storm. Identify how to                    governance disciplines provides the
9:15      Case study: Beyond Compliance: a
                                                               utilize general counsel to help lead the             opportunity to streamline processes,
          sox Perspective
                                                               way as far as implementing processes                 improve risk management, and create
          Learn how to embed reliable control                  and ensuring compliance. Key points of               greater transparency and visibility to
          self-assessment into your organization               focus of this session include:                       financial processes, risks and controls.
          in order to provide ongoing assurance
                                                               • How legal will overlap but not                     • Discuss the basics and best practices
          that goes far beyond Sarbanes-Oxley
                                                                 duplicate work being done by                          of financial governance
          Section 404 (SOx) compliance
                                                                 records information management                     • Provide examples of how to
          in order to achieve operational
                                                                 (RIM) and information technology                      improve and converge the efforts of
          objectives and quality control over
                                                                 (it) and corporate compliance                         internal audit, risk management and
          internal control. You will learn how
                                                                 officers                                              compliance
          to leverage your existing investment
          to achieve an embedded process that                  • How corporate legal departments                    • Offer a pragmatic approach to
          will greatly reduce costly direct testing              can influence legislative decision                    better implement risk management
          and the non-value-add burden of SOX                    makers to minimize the negative                       discipline across your finance
          compliance. Moreover, this process                     impacts on my company and                             business processes
          can be used to provide ongoing                         industry
                                                                                                                    legal GRC:
          assurance regarding the achievement                  • How to build support across the
          of all company control objectives.                     organization for an expanded general     10:30     how the financial Crisis has and will
                                                                 counsel role                                       continue to affect Governance for
          legal GRC:                                                                                                Corporate legal departments
                                                      10:15    Break and Refreshments
9:15      Bridging the Gap between legal and                                                                        We can be absolutely sure that the
          GRC                                                                                                       consequences of the financial crisis
          too often, corporate legal departments                                                                    will reach far and wide, in the form
                                                               financial GRC:
          have neglected to take an active role                                                                     of a fresh round of regulation and
          in governance decisions and oversight,      10:30    Mastering financial Governance –                     oversight that is likely to spill over into
          resulting in avoidable consequences.                 Bridging the Gap Between sox,                        many jurisdictions, with important
          Mitigating risks and preventing future               internal audit, and Risk Management                  implications for governance and
          compliance issues are both dependent                 Processes                                            corporate legal departments. While
          on setting up defensible governance                  With ever increasing regulations,                    legal’s role in governance is but one
          policies now, before regulations force               the maturity of SOX processes, and                   facet in a corporation, it is an essential
          the issue. Legal departments must                    the growing need for enhanced risk                   one. It is likely that the aftershocks of
          ensure accountability, defensibility and             management disciplines, enabling a                   the Wall Street meltdown will have
          transparency in a company’s processes,               sound financial governance strategy                  lasting effects with new rules coming
          systems, protocols, structures,                      has become very complex. Most                        around governance and transparency.
          operations and controls. the legal                   finance departments currently                        Identify ways in which you and your
          scope is growing to fulfill new roles in             manage these processes in disparate                  company’s legal department can be
          the realm of corporate governance.                   silos and systems that fail to provide               prepared for the future changes.
          General counsel is ideally positioned                an integrated view of audit, risk
          within corporations to lead important                management and financial control
          decision-making processes and help                   compliance.




  Network, Learn and Transform Your Organization!
10   | RegisteR today! 888.409.4418 www.thegrcsummit.com                  the 2009 governance, Risk Management and Compliance summit
aGenda and speakinG faculTy                                                                                       (conTinued)




daY thRee: october 1, 2009
12:00     Networking Luncheon                         2:15   Break and Refreshments
                                                      2:30   Building an effective whistle-blower
1:15      Protect and Grow shareholder value                 Program - “Best mechanism to
          with Best Practices and effective

                                                                                                              Adopt A
                                                             surface fraud and wrongdoing”
          tools
                                                             A whistle-blower function provides
            In many organizations, risk                      an important element in a more
            management and strategy                          robust enterprise risk management
            management are often treated                     framework:
            as unrelated processes. . this
            disconnected approach often fails
            to take into account the impacts
                                                             • Helps set “tone at the top” of the
                                                               organization                                Unified
            that risk might have on strategic                • Effective “detective” control
            initiatives. Strategy management
            is ultimately about creating new
            and sustainable value. Without an
                                                             • Supplements normal information &
                                                               communications systems
                                                             • Mechanism for risk monitoring
                                                                                                         Strategy To
            understanding of the inherent risks
                                                             The objectives of these programs are to:

                                                                                                          Improve
            associated with value creation, it
            is difficult to get a clear picture of           • encourage ethical and legal violations
            the strategy, or worse, no effective               to be brought forward for prompt
            path to execute the strategy. Using                resolution
            best practices and pursuing an                   • minimize the organization’s exposure
            integrated approach to strategy
            and risk management, executives
            ensure that they are focusing on the
                                                               to damage
                                                             • let employees know the organization
                                                               is serious about adherence to codes
                                                                                                        Governance,
            right initiatives to drive execution of            of conduct
            strategy and manage risk.
            Avoid Letting New Strategies and
                                                      3:30   Bringing it all together: evaluating
                                                             the Results of Your GRC Program
                                                                                                         Assess Risk
            Initiatives Fail                                 Your company has implemented a
            Learn why so many new
            strategies and initiatives often
            fail. Management often lacks the
                                                             robust GRC program, but how do you
                                                             really know if it’s designed adequately
                                                             and operating effectively? Traditional
                                                                                                        And Ensure
            ability to track strategy execution,             audit techniques may not provide you
            and the associated risks are not
            comprehensively monitored and
            managed.
                                                             with the full answer to that question.
                                                             In this presentation, participants will
                                                             gain an understanding of the following:
                                                                                                        Compliance
                                                             • Determining the scope of a
            Risk-intelligent strategic planning
                                                             comprehensive gRC audit
            provides for the ability to
            understand and manage business                   • Designing a maturity-based audit
            performance. SAP offers a solution               approach
            that integrates risk management and              • Gathering information on the soft
            strategy management processes to                   aspects of a gRC program
            effectively and proactively execute              • Reporting the results to get action
            with a complete understanding of
            underlying risks.
                                                      4:30   Conference adjourns




11   | RegisteR today! 888.409.4418 www.thegrcsummit.com                the 2009 governance, Risk Management and Compliance summit
sponsors and media parTners:

                                                            sponsors:


 Cura enables over 200 business, government     eMC works with organizations around the            aP is the world’s leading provider of business
 and other entities worldwide to achieve        world, in every industry, in the public and        software(*), offering applications and
 the bottom line benefits of enterprise-        private sectors, and of every size, from           services that enable companies of all sizes
 wide governance, risk management               startups to the fortune Global 500. our            and in more than 25 industries to become
 and compliance (GRC) and enhanced              customers include banks and other financial        best-run businesses. with more than
 performance management, through fast           services firms, manufacturers, healthcare and      86,000 customers in over 120 countries,
 implementation,    easier    configurability   life sciences organizations, internet service      the company is listed on several exchanges,
 and true enterprise architecture. Cura         and telecommunications providers, airlines         including the frankfurt stock exchange and
 has offices in new York, london, sydney,       and transportation companies, educational          nYse, under the symbol “saP.”
 Melbourne and Johannesburg, and partners       institutions, and public-sector agencies. eMC
 in 10 countries                                also provides technology, products, and services
                                                to consumers in more than 100 countries.




                                                   media parTners:




                                                associaTion sponsor:




       interested in sponsorship Or exhibiting opportunities?

                      Contact: Byron Mignanelli
                               byron@gsmiweb.com
                               or 888.409.4418



12   | RegisteR today! 888.409.4418 www.thegrcsummit.com            the 2009 governance, Risk Management and Compliance summit
RegistRation: the 2009 Governance, Risk Management and Compliance summit
                                        september 29, 30 and october 1, 2009
                                        John Hancock Hotel & Conference Center • Boston, MA


ReGistRation fee:                         by 7/10      by 8/14     after 8/15    Please fill in the following information and fax back to: (619) 923-3542

Commercial
summit only                               q $1595      q $1795     q $1995
                                                                                 name
silver Pass: summit + 1 workshop          q $2090 q $2290 q $2490
Gold Pass: summit + 2 workshops           q $ 2390 q $2590 q $2790               title
Government non Profit
                                                                                 department
forum only                                q $1295      q $1495     q $1695
silver Pass: summit + 1 workshop          q $1790      q $1990     q $2190
                                                                                 Company
Gold Pass: summit + 2 workshops           q $2090 q $ 2290 q $2490

                                                                                 Mailing address
GRouP disCounts of 5 oR MoRe:
For information about group discounts of 6 or more people and Team               City                                                state
Learning opportunities for 2009 GRC Conference, please contact Luke
Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com
                                                                                 Zip code                       Country (if applicable)
adMinistRative note: A 10% cancellation fee on registration will be
charged for cancellations received less than three weeks from the date of        telephone                                fax
the conference. As speakers are confirmed six months before the event,
some speaker changes or topic changes may occur in the program. GSMI is
not responsible for speaker changes, but will work to ensure a comparable        email
speaker is located to participate in the program.
CanCellation & QualitY assuRanCe:                                                Payment Method:

The Global Strategic Management Institute strives to provide you with            Credit Card: q amex q visa q MasterCard                  q Check
the most productive and effective educational experience possible. If after
completing the course you feel there is some way we can improve, please          Credit Card number
provide us in writing with your comments on the evaluation for provided
up on arrival. Should you feel dissatisfied with your learning experience
                                                                                 name on Card
and wish to request a credit or refund, please submit it in writing no later
than 10 business days after the end of the training to: VP of Educational
Services, GSMI, 1804 Garnet Ave #492, San Diego, CA 92109. We will               expiration date
evaluate individual complaints in a context of collective comments from
the event.                                                                       do you have any dietary restrictions (e.g. kosher, vegetarian)? q Yes q no
A $300 service fee will be charged on cancellations received less than four
weeks from the date of the event. A credit memo will be sent reflective of       if so, please specify:
your tuition rate minus the $300 cancellation service fee. The remaining tu-
ition funds will only be valid for a future conference and must be used within
one year of the credit memo. If you do not cancel your registration before
the day of the event, you will be charged for the full conference amount. As
speakers are confirmed months before the event, some speaker changes             do you require any accommodations that require special attention?
or topic changes may occur in the program. Global Strategic Management           q Yes q no
Institute is not responsible for speaker changes, but will work to ensure a
                                                                                 if so, please specify:
comparable speaker is located to participate in the program.
                                                                                 (e.g. wheel-chair access)


venue:                                                    aCCoMModations:                                       exhiBitinG and sPonsoRshiP
The 2009 Governance, Risk Management and                  A limited number of rooms have been reserved          infoRMation:
Compliance Summit Conference will be held at:             at the John Hancock Hotel (located at the John        To learn more about exhibiting at 2009 GRC
John Hancock Hotel & Conference Center                    Hancock Conference Center) at a discount rate of      Conference, please contact Luke Vinci at
40 Trinity Pl, Boston, MA 02116                           $189 per night (contact the hotel by September
                                                                                                                888.409.4418 or email him at
                                                          10, 2009 to receive the discounted rate). also,
                                                                                                                luke.vinci@gsmiweb.com
(617) 933-7700                                            please make sure to ask for the gsMi conference
                                                          rate when you call for reservations.
www.jhcenter.com
                                                          to make reservations, call, (617) 933 7700

Contenu connexe

Tendances

Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...ypytlik
 
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryManaging Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryFindWhitePapers
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCPRon Andrews
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Processregio12
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementGAURAV SHARMA
 
New Risk Management Paradigm for Not-For-Profits
New Risk Management Paradigm for Not-For-ProfitsNew Risk Management Paradigm for Not-For-Profits
New Risk Management Paradigm for Not-For-ProfitsDavid X Martin
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
A strategic framework_for_governance,_ri
A strategic framework_for_governance,_riA strategic framework_for_governance,_ri
A strategic framework_for_governance,_rinmbbhe001
 
Enterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ InovastraEnterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ InovastraNik Hasyudeen
 
GRI ERM Roadmap - Program Overview
GRI ERM Roadmap - Program OverviewGRI ERM Roadmap - Program Overview
GRI ERM Roadmap - Program OverviewDenise Robinson
 
Common failures of risk management
Common failures of risk management   Common failures of risk management
Common failures of risk management Surajit Datta
 
CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinDavid X Martin
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...Hassan Zaitoun
 
Overview of Enterprise Risk Management (ERM)
Overview of Enterprise Risk Management (ERM)Overview of Enterprise Risk Management (ERM)
Overview of Enterprise Risk Management (ERM)Segun Ogunwale
 

Tendances (20)

Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
 
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryManaging Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCP
 
Holistic risk management
Holistic risk managementHolistic risk management
Holistic risk management
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Process
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
New Risk Management Paradigm for Not-For-Profits
New Risk Management Paradigm for Not-For-ProfitsNew Risk Management Paradigm for Not-For-Profits
New Risk Management Paradigm for Not-For-Profits
 
The 3 C's of Business Resumption
The 3 C's of Business ResumptionThe 3 C's of Business Resumption
The 3 C's of Business Resumption
 
Reputational Risk
Reputational RiskReputational Risk
Reputational Risk
 
The perils of a general counsel
The perils of a general counsel The perils of a general counsel
The perils of a general counsel
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational risk
 
A strategic framework_for_governance,_ri
A strategic framework_for_governance,_riA strategic framework_for_governance,_ri
A strategic framework_for_governance,_ri
 
Enterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ InovastraEnterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ Inovastra
 
GRI ERM Roadmap - Program Overview
GRI ERM Roadmap - Program OverviewGRI ERM Roadmap - Program Overview
GRI ERM Roadmap - Program Overview
 
The meaning of security in the 21st century
The meaning of security in the 21st centuryThe meaning of security in the 21st century
The meaning of security in the 21st century
 
Common failures of risk management
Common failures of risk management   Common failures of risk management
Common failures of risk management
 
CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martin
 
The Lesson of Lost Value
The Lesson of Lost ValueThe Lesson of Lost Value
The Lesson of Lost Value
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...
 
Overview of Enterprise Risk Management (ERM)
Overview of Enterprise Risk Management (ERM)Overview of Enterprise Risk Management (ERM)
Overview of Enterprise Risk Management (ERM)
 

En vedette

The Health Connectivity Summit
The Health Connectivity SummitThe Health Connectivity Summit
The Health Connectivity SummitGSMIweb
 
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...GSMIweb
 
The Sustainable Buildings Series: Retrofits
The Sustainable Buildings Series: RetrofitsThe Sustainable Buildings Series: Retrofits
The Sustainable Buildings Series: RetrofitsGSMIweb
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad ReviewsGlassdoor
 

En vedette (6)

The Health Connectivity Summit
The Health Connectivity SummitThe Health Connectivity Summit
The Health Connectivity Summit
 
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...
Social Media Trends: How Advanced Organizations Achieve Success-David F. Gian...
 
Erm talking points
Erm talking pointsErm talking points
Erm talking points
 
The Sustainable Buildings Series: Retrofits
The Sustainable Buildings Series: RetrofitsThe Sustainable Buildings Series: Retrofits
The Sustainable Buildings Series: Retrofits
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad Reviews
 

Similaire à The 2010 Governance Risk & Compliance Summit

13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance StrategyQuekelsBaro
 
FERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – BrochureFERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – BrochureFERMA
 
Integrated Trade Compliance Strategy
Integrated Trade Compliance StrategyIntegrated Trade Compliance Strategy
Integrated Trade Compliance StrategyGHY International
 
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategyhenrytk2
 
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docx
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docxCHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docx
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docxketurahhazelhurst
 
How to Hire a Great CRO
How to Hire a Great CROHow to Hire a Great CRO
How to Hire a Great CROThe IRM India
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115Andrew Smart
 
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...ypytlik
 
An Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and ProductsAn Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and Productss0P5a41b
 
Business Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on  Investment-white paperBusiness Continuity Management-The Case for Return on  Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paperGreg Cybulski, CBCP, ARM
 
J-Sox Perspective
J-Sox PerspectiveJ-Sox Perspective
J-Sox Perspectivetravismd
 
Strengthening governance, risk and compliance in the insurance industry
Strengthening governance, risk and compliance in the insurance industryStrengthening governance, risk and compliance in the insurance industry
Strengthening governance, risk and compliance in the insurance industryJordi Planas Manzano
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeCareer Communications Group
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx4934bk
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxbkbk37
 

Similaire à The 2010 Governance Risk & Compliance Summit (20)

13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
 
FERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – BrochureFERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – Brochure
 
Integrated Trade Compliance Strategy
Integrated Trade Compliance StrategyIntegrated Trade Compliance Strategy
Integrated Trade Compliance Strategy
 
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
 
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docx
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docxCHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docx
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docx
 
Descriptor MetisGRC
Descriptor MetisGRCDescriptor MetisGRC
Descriptor MetisGRC
 
How to Hire a Great CRO
How to Hire a Great CROHow to Hire a Great CRO
How to Hire a Great CRO
 
StratexSystems_270115
StratexSystems_270115StratexSystems_270115
StratexSystems_270115
 
grc-today-oct-2015
grc-today-oct-2015grc-today-oct-2015
grc-today-oct-2015
 
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
 
An Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and ProductsAn Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and Products
 
Business Continuity Management-The Case for Return on Investment-white paper
Business Continuity Management-The Case for Return on  Investment-white paperBusiness Continuity Management-The Case for Return on  Investment-white paper
Business Continuity Management-The Case for Return on Investment-white paper
 
Control Risks-ERM-whitepaper
Control Risks-ERM-whitepaperControl Risks-ERM-whitepaper
Control Risks-ERM-whitepaper
 
CRO Insight
CRO InsightCRO Insight
CRO Insight
 
J-Sox Perspective
J-Sox PerspectiveJ-Sox Perspective
J-Sox Perspective
 
Strengthening governance, risk and compliance in the insurance industry
Strengthening governance, risk and compliance in the insurance industryStrengthening governance, risk and compliance in the insurance industry
Strengthening governance, risk and compliance in the insurance industry
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
 
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
 

Dernier

HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHelene Heckrotte
 
Slicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinSlicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinAnton Skornyakov
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Reportamberjiles31
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBBPMedia1
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfAnhNguyen97152
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..dlewis191
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentationbaron83
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView
 
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfPDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfHajeJanKamps
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...AustraliaChapterIIBA
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsWristbands Ireland
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGlokeshwarmaha
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessAPCO
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsIntellect Design Arena Ltd
 
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)tazeenaila12
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Mihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZMihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZKanakChauhan5
 
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 Building Your Personal Brand on LinkedIn - Expert Planet-  2024 Building Your Personal Brand on LinkedIn - Expert Planet-  2024
Building Your Personal Brand on LinkedIn - Expert Planet- 2024Stephan Koning
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003believeminhh
 

Dernier (20)

HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
 
Slicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup BerlinSlicing Work on Business Agility Meetup Berlin
Slicing Work on Business Agility Meetup Berlin
 
Project Brief & Information Architecture Report
Project Brief & Information Architecture ReportProject Brief & Information Architecture Report
Project Brief & Information Architecture Report
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentation
 
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
TalentView Webinar: Empowering the Modern Workforce_ Redefininig Success from...
 
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfPDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and Festivals
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking Applications
 
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
Harvard Business Review.pptx | Navigating Labor Unrest (March-April 2024)
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
Mihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZMihir Menda - Member of Supervisory Board at RMZ
Mihir Menda - Member of Supervisory Board at RMZ
 
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 Building Your Personal Brand on LinkedIn - Expert Planet-  2024 Building Your Personal Brand on LinkedIn - Expert Planet-  2024
Building Your Personal Brand on LinkedIn - Expert Planet- 2024
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
 

The 2010 Governance Risk & Compliance Summit

  • 1. Governance, Re gu The 2009 gi st Au Sa st 14 er t risk manaGemenT ve by h $4 compliance summiT 00 and Develop an Integrated Approach to Risk Management, Compliance and Corporate Governance sepTember 29, 30 & ocTober 1, 2009 John hancock hoTel & conference cenTer bosTon, ma This comprehensive Governance, risk and compliance (Grc) evenT will demonsTraTe how To: • Identify a methodology to link process and technology, effectively bridging together internal audit, risk management, information security, operations and compliance functions. • Utilize GRC to effectively execute corporate strategy in tough economic times • Grow GRC capabilities and transform a reactive and technologically focused approach, into a proactive and risk based approach Presented by: Sponsors:
  • 2. Enable Your Organization to Anticipate and Manage Business Risk while More Effectively Delivering Value Dear GRC Executive, Today’s organization is a complex multiplicity of global processes and business relationships. Organizations are struggling to identify, manage, and control Governance, Risk Management, and Corporate Compliance (GRC) across business relationships. At the 2009 Governance, Risk Management, and Compliance Conference you will learn to effectively enable your organization to anticipate and manage business risk while more effectively delivering value for the organization. PREPARING FOR AN UNCERTAIN FUTURE ADOPT AN INTEGRATED APPROACH Ignoring or misunderstanding financial risks played a GRC is often positioned as a single business activity, when it substantial role in creating the world financial crisis in 2008. actually includes multiple overlapping and related activities The financial crisis has essentially undone the last decade of within an organization including internal audit, compliance deregulation, and corporate leaders and legal teams will bear programs like SOX, enterprise risk management (ERM), the responsibility of rebuilding whole industries from the operational risk, and incident management among others. ground up. Business leaders everywhere should be asking Within the GRC realm, if the first element –Governance--is themselves what could have been done differently and what not in place, the second two elements -Risk Management and can be done in the future to avoid crisis of this proportion. Compliance- become irrelevant and cannot be meaningfully A large portion of the answer lies in the area of governance achieved. Likewise, if second element --Risk Management-- itself. Businesses need sound, ethical and well-planned is not in place then achieving Compliance becomes irrelevant building blocks on which to found their governance and generally cannot be meaningfully achieved. principles, regardless of future regulations. Implementing It is necessary to improve each of the elements of your internal controls, breaking down communication barriers organization’s GRC initiative as well as increase overall between departments and centralizing information are vital performance by breaking down communication barriers to proper corporate governance. between finance, IT (Information Technology) and Legal According to a study by The Economist Intelligence Unit, departments. Organizations must evaluate their financial “Companies are beginning to realize that the full value activities to ensure the correct operation of all financial of [governance] depends in large part on the policies and processes, as well as compliance with any finance-related procedures that govern and control its use, access, analysis, mandates. Learn how to strike an appropriate balance retention and protection.” In a poll conducted by the EIU: between business reward and risk. Ensure that the IT organization supports the current and future needs of the “… 77% of respondents expect … governance to be … business, and complies with all IT-related mandates. Finally, very important to their company’s success over the next three tie all three components together through your organization's years. As a result, many firms have begun building the legal department and Chief Compliance Officer. foundation for … governance policies. A majority (65%) have defined policies around how information is to be stored Join GSMI on September 29th, 30th and October 1st in John and shared among employees and stakeholders. Furthermore, Hancock Hotel & Conference Center - Boston for the 2009 some organizations are forming formal governance bodies GRC Conference to learn strategies to join the movement to create strategies, policies and procedures surrounding the from managing risk as a transaction or compliance activity distribution of information inside and outside the firm. This to adding business value by improving operational decision is a good start, but considering that 68% of respondents also making and strategic planning. Register today by calling expect that the complexity of their company’s information 888.409.4418 or visit us at www.gsmiweb.com. I hope to governance issues will grow over the next three years, there is see you this September! little time to waste.” Regards, Luke Vinci President, GSMI 2 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 3. Adopt an Integrated Approach to Governance, Risk and Compliance WHO SHOULd ATTEnd? Managers and executives involved in Governance, Risk Management and Compliance: • Governance, risk, compliance • Manager, Enterprise Risk Management (gRC) staff • Risk analysts • CFO • Chief Risk Officers • ARM • ARM-P venue: • Chief Legal Counsel • IT governance directors/managers the 2009 GRC Conference will be held at John • Chief Compliance Officer •I T risk directors/managers hancock hotel & Conference Center, Boston, • VPs of Risk Management Ma • IT compliance directors/managers • VP of Finance • IT Audit directors/managers accommodations: • Treasurers • Information security directors/ a limited number of rooms have been reserved • Controllers managers at the John hancock hotel (located at the John hancock Conference Center) at a discount • Director, Internal audit • IT directors/ consultants rate of $189 per night (contact the hotel by • Director, Operational Risk september 10, 2009 to receive the discounted rate). also, please make sure to ask for the GsMi involved in the followinG aReas: conference rate when you call for reservations. to make reservations, call, 617 933 7700. • Audit • Legal • Compliance • Governmental affairs • Governance • IT • Risk management • Accounting • Sarbanes Oxley (SOX) • Finance • Ethics • Reliability • Regulatory • Quality assurance Mitigate Risks and Prevent Future Compliance Issues 3 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 4. Agenda at a Glance day One - September 29, 2009 8:30 Continental Breakfast and Workshop Registration 12:00 Luncheon Breakout sessions Breakout sessions 9:00 workshop a: workshop B: 1:15 workshop C: workshop d: Leveraging Your Compliance Aligning ERM to Strategy Practical Application of Lead- ERM Process Improvement Program Toward Corporate through the Balanced ing Practices in Regulatory governance Scorecard (BSC) Compliance 4:15 Adjourn day Two - September 30, 2009 8:00 Continental Breakfast and Registration Breakout sessions 8:45 Keynote: Stakeholder Reputation Risk: The Real Driver Behind it GRC: eRM: Coordinated GRC Policies 2:15 developing Metrics and Case Study: Putting the “R” 9:40 Integrated GRC: Assurance Integration with Real ROI Measures for information in gRC, an enterprise Risk governance Management (ERM) Perspective 10:35 Break and Refreshments 10:50 Best Practices to Achieve Results with Governance Risk and 3:15 Break and Refreshments Compliance Breakout sessions 11:35 Choosing the Right GRC Software it GRC: eRM: 3:30 12:15 Networking Luncheon GAIT for Business and IT Risk Learn How Your ERM Strategy Can Enhance Your Company’s Value and Credit Rating Breakout sessions 4:30 it GRC: eRM: 1:15 it GRC: eRM: Security By Compliance - A iso 31000 and eRM governance, Risk, Compliance Utilizing ERM to Rebuild our discussion of information Risk - and Mobility Economy Management’s Greatest Challenge 5:30 Adjourn day Three - October 1, 2009 8:00 Continental Breakfast 12:00 Networking Luncheon 8:30 A Measure of Success:Tools to Evaluate GRC Program Design 1:15 Protect and Grow Shareholder Value with Best Practices and and operation effective tool Breakout sessions 1:45 Panel Discussion - Establishing GRC Goals and Performance 9:15 Metrics financial GRC legal GRC: Case Study: Beyond Bridging the Gap between 2:15 Break and Refreshments Compliance: A SOX Perspective Legal and GRC 2:30 Building an Effective Whistle-blower Program - “Best mechanism to 10:15 Break and Refreshments surface fraud and wrongdoing” Breakout sessions 3: 30 Bringing it all Together: Evaluating the Results of Your GRC Program 10:30 financial GRC: legal GRC: 4:30 Conference Adjourn Mastering Financial Governance How the financial crisis will – Bridging the Gap Between affect governance for corporate SOX, Internal Audit, and Risk legal departments Management Processes 4 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 5. 5 5 Reasons to Attend 2009 GRC Conference 1. integrate Learn from leaders in risk management, governance and compliance how to achieve compliance and insure ethical conduct while meeting general business objectives. Take lessons learned back home to your organization’s GRC silo leaders and facilitate integration among your entire company. 2. Connect Network with your peers from organizations throughout the country and around the world. Learn how others are implementing and improving GRC initiatives and programs for today’s economy. There will be ample opportunity for networking during our receptions, meals, breaks and informative sessions. 3. focus Four interactive break out tracks. Identify case studies and lessons learned to manage, measure, improve and integrate your GRC functions across all silos – IT, Financial and Legal. 4. evolve Information security is quickly evolving into information risk management. The enterprise of today can no longer rely on technology alone to protect information and information infrastructure, and requires a business approach to information risk management, governance, and compliance to be successful. Gain insight and guidance on key issues faced by enterprises today, as they mature their capabilities and transform a reactive and technologically focused approach to information security, into a proactive and risk based one. 5. save Simplify GRC and reduce costs by managing multiple regulatory requirements with one enterprise GRC platform.. 5 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 6. feaTured speakers Michael Rasmussen, patricia Florissi, Chris Boswell, President, Risk & Distinguished Engineer, Director Risk and Compliance Advisor, Strategic Initiative Leader, Compliance Services, CORpORATE Governance, Risk and CA, InC InTEGRITy, LLC Compliance, EMC, InC Mark Smith, Geoffrey Buswick, Johannes Swanepoel, CEO & EVP Research, Managing Director, Director Enterprise VEnTAnA Boston Head Office, Risk Management, RESEARCH STAndARd & pOORS CURA SOFTWARE CORpORATE And GOVERnMEnT RATInGS nick Bako, CMA, Ranga Bodla, Chief Risk Officer, Director, Solution Marketing, OnTARIO LOTTERy EpM And GRC. And GAMInG SAp, InC. oTher speakers include: • Jason Mefford, • Irving Kagan, • Steven Saporito, VP of Business Process Assurance, Kagan Consultants Managing Director, Enterprise Ventura Foods and Risk Finance Practice, • Brad Vorhies, • Tony Tarantino, Phd, Author willis re Manager of Financial Controls Compliance, and Adjunct Professor of Finance at energy Future Holdings santa Clara uniVersity • Dr. Prodyot Samanta, Managing Director, • Carole L. Basri, tHrideye risKinsigHts • Dave Ingram, Senior VP, University of Penn Law School, willis re Corporate lawyering group llC 6 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 7. Best Practices and Strategies from Leaders in GRC! aGenda and speakinG faculTy daY one: Pre-Conference workshops: september 29, 2009 8:30 Continental Breakfast 12:00 Luncheon and Registration 9:00 workshop a: 9:00 workshop B: 1:15 workshop C: 1:15 workshop d: leveraging Your Compliance aligning eRM to strategy through Practical application of leading eRM Process improvement Program toward Corporate the Balanced scorecard (BsC) Practices in Learn to benchmark your Governance The COSO Framework describes Regulatory Compliance organizations enterprise risk gain an understanding of various eRM as a process that guides the Today companies face the challenge management (eRM) structure, paradigms around corporate achievement of strategic objectives. of establishing a consistent set of process, and practices with COSOs governance, risk management, and Because of the integral role ERM processes, practices and systems that ERM Integrated Framework. This compliance (gRC). discuss the plays in strategy execution, it support external compliance and workshop will identify opportunities many challenges involved in aligning must be understood throughout internal self-assessment. Join us for this for improving your organizations GRC within an organization. the entire organization. the workshop to identify leading practices ERM process by sharing and Join us for this practical workshop Balanced Scorecard (BSC) is a that are being used by companies to comparing practices with other and identify: performance measurement system create proactive programs that are eRM practitioners. attendees in that communicates organizational sustainable and adaptable in the face of this workshop will: • How one company is working progress in executing strategy countless regulatory expectations and • Participate in a series of through challenges of aligning across four perspectives (financial, requirements across the physical and discussions on eRM challenges gRC; customer, internal processes, financial markets. and strategies for sustaining the • Resources available to help learning and growth). At the core Workshop attendees will gain an eRM process. your company work through of the BSC is a strategy map that compliance challenges; and understanding of the key components • Validate the ERM approach and shows the strategic linkage between of a compliance program as well as identify any blind spots. • Various approaches for organizational objectives.Through gain valuable insight regarding the leveraging your existing integrating objectives related to regulatory compliance capability compliance and risk addressing specific risks into the maturity of their own organizations. management programs to strategy map, organizations can Some specific leading practices improve corporate governance create initiatives that make eRM an discussed include: integral part of strategy execution. • Risk Assessment Processes In this comprehensive workshop, • Organizational Structure you will experience a hands-on approach to incorporating eRM • Underlying Policies and into organizational strategy through Procedures using the BSC and the strategy map • Control and Monitoring that supports it. Mechanisms • IT Systems and Information Management Effectively Manage and Track GRC Activities Across an Enterprise 7 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 8. aGenda and speakinG faculTy (conTinued) daY two: september 30, 2009 8:00 Continental Breakfast 9:40 integrated GRC: assurance ries to assess your current vendors integration with Real Roi and technologies and examine new 8:45 Keynote: stakeholder Reputation Integrated GRC in the Virtual, Hyper- ones. Unfortunately the majority of Risk: the Real driver Behind Coor- Extended Business: Integration of organizations lack the technology dinated GRC Policies GRC silos for Real ROI. Find out know-how for making improvements A key component in the emerging from monitoring to automation and why integration is the key to success regime of coordinated governance, risk, control to the specific analytics and and why it is often the major cause and compliance (gRC) management is metrics required to successful with of corporate governance failures ensuring that the company’s business GRC. This session will provide clarity as organizations transition to new is conducted in a manner that serves on the scope of GRC and the software business models in the virtual world. its various stakeholders in an effective, that can best meet an organization Discover new approaches for compliant, and untainted fashion. a needs while leveraging existing invest- leveraging performance management true indicator of the success or failure ments and provide the tools for every and infrastructure monitoring systems of this internal company effort is participant to make the best decision to harvest empirical evidence for gRC. the company’s imputed goodwill or for their organization. Learn how to reduce the cost and reputation, arguably the most valuable, complexity of your company’s silo’d yet fragile, attribute a company gRC initiatives and gain insight into possesses. 12:15 Networking Luncheon new strategies, tactics and approaches This keynote presentation will explore to optimize your infrastructure to how the imposition of recent — and create real return on investment. BReaKout sessions the strengthening of longstanding — compliance obligations have 10:35 Break and Refreshments Choose: it GRC or eRM compounded the responsibilities of 10:50 Best Practices to achieve Results it GRC: professionals charged with enforcing with Governance Risk and governance, risk, compliance, audit and Compliance 1:15 developing Metrics and Measures ethics roles. It will examine compliance for information Governance This session will cover the evolution of measures and their practical impact on Information Governance has become governance, risk and compliance (gRC) companies, due to: a critical issue within organizations, and management and discuss how it is being • The expansive reach of the shaped by key stakeholders including a key success factor for businesses. requirements consultants, regulators and end-users. In order to effectively maintain the • The lack of precedents Identify various approaches to GRC and stewardship, integrity and security highlight the strengths and weaknesses of of an organization’s information • The emphasis on self-disclosure each approach to cut through the hype infrastructure effective metrics • The uncertainty over due process and measures must be developed, rights in enforcement and identify areas where true value can be derived today. Attendees will also learn implemented, and monitored. this It will further examine how these session will cover the concept of tips and tricks to help streamline risk, elements expose the company’s enterprise metrics and measures in the compliance and audit processes. reputation to immediate risk, and how context of Information Governance to structure a GRC culture within 11:35 Choosing the Right GRC software maturity as well as the issues that the organization to address these Assess Your Needs and Establish Evalu- must be considered when developing, exposures in a manner ensuring that ation Criteria for Finance, Operations implementing and monitoring them. compliance issues are disseminated and it Attendees will participate in an effectively through the organization interactive session to: the challenges for organizations in and implemented enterprise-wide. addressing the spectrum of governance, • Identify current and target States on Further, identify a coherent integrated risk and compliance (gRC) is having an Information Governance Maturity GRC effort developed by senior clarity in the requirements for ad- Model management in collaboration with the dressing the specific process needs • Discuss challenges and strategies in governance, risk, compliance, audit, legal across business and IT. GRC has specific implementing roadmaps, metrics and and ethics team to drive the entire needs for finance, operations and IT reporting organization to foster and protect a areas where the specific competencies company’s stakeholder reputation. • Learn about technologies that across people, processes, information accelerate movement up information and technology need to be reviewed Management maturity curves for determining the right steps for improvement.To do this successfully is to understand the evaluation catego- 8 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 9. aGenda and speakinG faculTy (conTinued) daY two: september 30, 2009 (Continued) BReaKout sessions - Choose: it GRC or eRM eRM: eRM: it GRC: 1:15 utilizing eRM to Rebuild our 2:15 Case study: Putting the “R” in GRC, 4:30 security By Compliance - a discus- economy an enterprise Risk Management sion of information Risk Manage- What role, if any, did ERM play in (eRM) Perspective ment's Greatest Challenge the collapse of the financial markets? As compliance issues have become When most organizations today enterprise Risk Management can increasingly important and the magnitude think about information protection, be the tool to rebuild our economy. of their consequences has escalated, compliance is at the top of that list. This session will evaluate how ERM the interface between governance This new level of consciousness has is shaping business and how to use risk and compliance has moved up in become both a tremendous benefit it your advantage. You’ll hear the prominence not just among regulators, to information security professionals perspectives from rating agencies, but among stakeholders, shareholders, as well as their greatest fear. The updates on the latest S&P initiatives, and management. This session will leadership of many companies are tools you can use to implement describe how these GRC elements are now falling into the trap of feeling ERM going forward, how financial integrated with a focus on the role of secure merely because they are institutions’ failures reflect on their enterprise risk management in strategic compliant; however simply meeting eRM practices, and other current issues and operational planning. legal and regulatory compliance of relevance. requirements, does not necessarily 3:15 Break and Refreshments mean that companies have fulfilled it GRC: it GRC: their requirements for information 2:15 developing Metrics and Measures risk management and protection. 3:30 Gait for Business and it Risk for information Governance Learn how to take advantage of the Discover why leading-edge chief audit benefits created by new compliance Information Governance has become executives and audit practitioners say requirements, while also overcoming a critical issue within organizations, and there is no such thing as information the challenge of this new operating a key success factor for businesses. technology (IT) risk. Discuss the procedure. In order to effectively maintain the relationship between business risk and stewardship, integrity and security IT risk. Review the methodology in eRM: of an organization’s information the guide to the assessment of it Risk 4:30 iso 31000 and eRM infrastructure effective metrics (GAIT) publication GAIT for Business and measures must be developed, the international risk management and IT Risk and how it is used to implemented, and monitored. this framework is scheduled to be ensure efficient auditing of IT. Develop session will cover the concept of published in 2009. Most risk a solid understanding of the gait for enterprise metrics and measures in the professionals recognize the importance Business and IT Risk methodology as context of Information Governance of a formalized framework to ensure well as the ability to apply it. maturity as well as the issues that the successful implementation of must be considered when developing, eRM: enterprise risk management (eRM). implementing and monitoring them. Starting with the ISO 31000 risk 3:30 learn how Your eRM strategy Can management process schedule, Attendees will participate in an enhance Your Company's value and learn how to tailor ERM to the interactive session to: Credit Rating individual needs of any organization, • Identify current and target States on Reviewing the quality of enterprise align risk management objectives to an Information Governance Maturity risk management (eRM) programs is organizational strategic goals and Model no easy task. Learn directly about the missions and graft eRM culture onto • Discuss challenges and strategies in review process, major findings and existing corporate culture. implementing roadmaps, metrics and lessons-learned, and how to integrate reporting the review into ratings determination. Discover how others have improved 5:30 Adjourn • Learn about technologies that the quality of their decision making by accelerate movement up information incorporating risk information directly Management maturity curves into business and strategic planning, and link your ERM programs to driving value and improving business resiliency. 9 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 10. aGenda and speakinG faculTy (conTinued) daY thRee: october 1, 2009 8:00 Continental Breakfast 8:30 a Measure of success: tools to evaluate GRC Program design and operation • Learn how to evaluate the design and operating effectiveness of governance, risk management, and compliance (GRC) systems • Hear about the new procedures and criteria for GRC program design evaluation and certification • Expand your understanding of metrics that can be used to help GRC systems contribute to business objectives MoRninG BReaKout sessions - Choose: financial GRC or legal GRC financial GRC: companies weather the coming The convergence of financial regulatory storm. Identify how to governance disciplines provides the 9:15 Case study: Beyond Compliance: a utilize general counsel to help lead the opportunity to streamline processes, sox Perspective way as far as implementing processes improve risk management, and create Learn how to embed reliable control and ensuring compliance. Key points of greater transparency and visibility to self-assessment into your organization focus of this session include: financial processes, risks and controls. in order to provide ongoing assurance • How legal will overlap but not • Discuss the basics and best practices that goes far beyond Sarbanes-Oxley duplicate work being done by of financial governance Section 404 (SOx) compliance records information management • Provide examples of how to in order to achieve operational (RIM) and information technology improve and converge the efforts of objectives and quality control over (it) and corporate compliance internal audit, risk management and internal control. You will learn how officers compliance to leverage your existing investment to achieve an embedded process that • How corporate legal departments • Offer a pragmatic approach to will greatly reduce costly direct testing can influence legislative decision better implement risk management and the non-value-add burden of SOX makers to minimize the negative discipline across your finance compliance. Moreover, this process impacts on my company and business processes can be used to provide ongoing industry legal GRC: assurance regarding the achievement • How to build support across the of all company control objectives. organization for an expanded general 10:30 how the financial Crisis has and will counsel role continue to affect Governance for legal GRC: Corporate legal departments 10:15 Break and Refreshments 9:15 Bridging the Gap between legal and We can be absolutely sure that the GRC consequences of the financial crisis too often, corporate legal departments will reach far and wide, in the form financial GRC: have neglected to take an active role of a fresh round of regulation and in governance decisions and oversight, 10:30 Mastering financial Governance – oversight that is likely to spill over into resulting in avoidable consequences. Bridging the Gap Between sox, many jurisdictions, with important Mitigating risks and preventing future internal audit, and Risk Management implications for governance and compliance issues are both dependent Processes corporate legal departments. While on setting up defensible governance With ever increasing regulations, legal’s role in governance is but one policies now, before regulations force the maturity of SOX processes, and facet in a corporation, it is an essential the issue. Legal departments must the growing need for enhanced risk one. It is likely that the aftershocks of ensure accountability, defensibility and management disciplines, enabling a the Wall Street meltdown will have transparency in a company’s processes, sound financial governance strategy lasting effects with new rules coming systems, protocols, structures, has become very complex. Most around governance and transparency. operations and controls. the legal finance departments currently Identify ways in which you and your scope is growing to fulfill new roles in manage these processes in disparate company’s legal department can be the realm of corporate governance. silos and systems that fail to provide prepared for the future changes. General counsel is ideally positioned an integrated view of audit, risk within corporations to lead important management and financial control decision-making processes and help compliance. Network, Learn and Transform Your Organization! 10 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 11. aGenda and speakinG faculTy (conTinued) daY thRee: october 1, 2009 12:00 Networking Luncheon 2:15 Break and Refreshments 2:30 Building an effective whistle-blower 1:15 Protect and Grow shareholder value Program - “Best mechanism to with Best Practices and effective Adopt A surface fraud and wrongdoing” tools A whistle-blower function provides In many organizations, risk an important element in a more management and strategy robust enterprise risk management management are often treated framework: as unrelated processes. . this disconnected approach often fails to take into account the impacts • Helps set “tone at the top” of the organization Unified that risk might have on strategic • Effective “detective” control initiatives. Strategy management is ultimately about creating new and sustainable value. Without an • Supplements normal information & communications systems • Mechanism for risk monitoring Strategy To understanding of the inherent risks The objectives of these programs are to: Improve associated with value creation, it is difficult to get a clear picture of • encourage ethical and legal violations the strategy, or worse, no effective to be brought forward for prompt path to execute the strategy. Using resolution best practices and pursuing an • minimize the organization’s exposure integrated approach to strategy and risk management, executives ensure that they are focusing on the to damage • let employees know the organization is serious about adherence to codes Governance, right initiatives to drive execution of of conduct strategy and manage risk. Avoid Letting New Strategies and 3:30 Bringing it all together: evaluating the Results of Your GRC Program Assess Risk Initiatives Fail Your company has implemented a Learn why so many new strategies and initiatives often fail. Management often lacks the robust GRC program, but how do you really know if it’s designed adequately and operating effectively? Traditional And Ensure ability to track strategy execution, audit techniques may not provide you and the associated risks are not comprehensively monitored and managed. with the full answer to that question. In this presentation, participants will gain an understanding of the following: Compliance • Determining the scope of a Risk-intelligent strategic planning comprehensive gRC audit provides for the ability to understand and manage business • Designing a maturity-based audit performance. SAP offers a solution approach that integrates risk management and • Gathering information on the soft strategy management processes to aspects of a gRC program effectively and proactively execute • Reporting the results to get action with a complete understanding of underlying risks. 4:30 Conference adjourns 11 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 12. sponsors and media parTners: sponsors: Cura enables over 200 business, government eMC works with organizations around the aP is the world’s leading provider of business and other entities worldwide to achieve world, in every industry, in the public and software(*), offering applications and the bottom line benefits of enterprise- private sectors, and of every size, from services that enable companies of all sizes wide governance, risk management startups to the fortune Global 500. our and in more than 25 industries to become and compliance (GRC) and enhanced customers include banks and other financial best-run businesses. with more than performance management, through fast services firms, manufacturers, healthcare and 86,000 customers in over 120 countries, implementation, easier configurability life sciences organizations, internet service the company is listed on several exchanges, and true enterprise architecture. Cura and telecommunications providers, airlines including the frankfurt stock exchange and has offices in new York, london, sydney, and transportation companies, educational nYse, under the symbol “saP.” Melbourne and Johannesburg, and partners institutions, and public-sector agencies. eMC in 10 countries also provides technology, products, and services to consumers in more than 100 countries. media parTners: associaTion sponsor: interested in sponsorship Or exhibiting opportunities? Contact: Byron Mignanelli byron@gsmiweb.com or 888.409.4418 12 | RegisteR today! 888.409.4418 www.thegrcsummit.com the 2009 governance, Risk Management and Compliance summit
  • 13. RegistRation: the 2009 Governance, Risk Management and Compliance summit september 29, 30 and october 1, 2009 John Hancock Hotel & Conference Center • Boston, MA ReGistRation fee: by 7/10 by 8/14 after 8/15 Please fill in the following information and fax back to: (619) 923-3542 Commercial summit only q $1595 q $1795 q $1995 name silver Pass: summit + 1 workshop q $2090 q $2290 q $2490 Gold Pass: summit + 2 workshops q $ 2390 q $2590 q $2790 title Government non Profit department forum only q $1295 q $1495 q $1695 silver Pass: summit + 1 workshop q $1790 q $1990 q $2190 Company Gold Pass: summit + 2 workshops q $2090 q $ 2290 q $2490 Mailing address GRouP disCounts of 5 oR MoRe: For information about group discounts of 6 or more people and Team City state Learning opportunities for 2009 GRC Conference, please contact Luke Vinci at 888.409.4418 or email him at luke.vinci@gsmiweb.com Zip code Country (if applicable) adMinistRative note: A 10% cancellation fee on registration will be charged for cancellations received less than three weeks from the date of telephone fax the conference. As speakers are confirmed six months before the event, some speaker changes or topic changes may occur in the program. GSMI is not responsible for speaker changes, but will work to ensure a comparable email speaker is located to participate in the program. CanCellation & QualitY assuRanCe: Payment Method: The Global Strategic Management Institute strives to provide you with Credit Card: q amex q visa q MasterCard q Check the most productive and effective educational experience possible. If after completing the course you feel there is some way we can improve, please Credit Card number provide us in writing with your comments on the evaluation for provided up on arrival. Should you feel dissatisfied with your learning experience name on Card and wish to request a credit or refund, please submit it in writing no later than 10 business days after the end of the training to: VP of Educational Services, GSMI, 1804 Garnet Ave #492, San Diego, CA 92109. We will expiration date evaluate individual complaints in a context of collective comments from the event. do you have any dietary restrictions (e.g. kosher, vegetarian)? q Yes q no A $300 service fee will be charged on cancellations received less than four weeks from the date of the event. A credit memo will be sent reflective of if so, please specify: your tuition rate minus the $300 cancellation service fee. The remaining tu- ition funds will only be valid for a future conference and must be used within one year of the credit memo. If you do not cancel your registration before the day of the event, you will be charged for the full conference amount. As speakers are confirmed months before the event, some speaker changes do you require any accommodations that require special attention? or topic changes may occur in the program. Global Strategic Management q Yes q no Institute is not responsible for speaker changes, but will work to ensure a if so, please specify: comparable speaker is located to participate in the program. (e.g. wheel-chair access) venue: aCCoMModations: exhiBitinG and sPonsoRshiP The 2009 Governance, Risk Management and A limited number of rooms have been reserved infoRMation: Compliance Summit Conference will be held at: at the John Hancock Hotel (located at the John To learn more about exhibiting at 2009 GRC John Hancock Hotel & Conference Center Hancock Conference Center) at a discount rate of Conference, please contact Luke Vinci at 40 Trinity Pl, Boston, MA 02116 $189 per night (contact the hotel by September 888.409.4418 or email him at 10, 2009 to receive the discounted rate). also, luke.vinci@gsmiweb.com (617) 933-7700 please make sure to ask for the gsMi conference rate when you call for reservations. www.jhcenter.com to make reservations, call, (617) 933 7700